<?php
date_default_timezone_set('America/New_York');
function GetOrderDetails(){
	$conn = GetConnection();
	return $conn->query('SELECT * FROM Order_Details');
}

function GetOrderDetails_Sorted(){
	$conn = GetConnection();
	return $conn->query('SELECT * FROM Order_Details ORDER BY id DESC');
}

function GetOrderDetail($id){
	$conn = GetConnection();
	if($id == null)
		die("No Customer could be found. I.D. invalid.");
	$results = $conn->query("SELECT * FROM Order_Details WHERE id='$id'");
	$row = $results->fetch_assoc();
	$conn->close();
	return $row;
}

function EditOrderDetail($row){
	$conn = GetConnection();
	$name = strip_tags($row['name']);
	$order_id = $row['order_id'];
	$products_id = $row['product_id'];
	$price = $row['price'];
	$sku = rand_string(80);
	$quantity = $row['quantity'];
	$customer = $row['customer_id'];
	$cardtype = $row['cardtype'];
	$card_number = $row['card_number'];
	$exp_date = $row['exp_date'];
	$sku = $row['sku'];
	$id = $row['id'];
	if(strlen($name) > 0)
	{
		$conn->query("UPDATE Order_Details SET Orders_id='$order_id', Products_id='$products_id',name='$name', price ='$price',
		sku = '$sku', quantity = '$quantity', Customers_id = '$customer',cardtype='$cardtype',cardnumber='$card_number',exp_date='$exp_date' WHERE id = '$id'") or die(mysql_error());
	}
	else
		header("Location: http://cs.newpaltz.edu/~N02432643/%20web-course-2012/final/OrderDetails /edit.php?id=".$id."");
	
	$conn->close();
}
function NewOrderDetail($row){
	$name = strip_tags($row['name']);
	$order_id = $row['order_id'];
	$products_id = $row['product_id'];
	$price = $row['price'];
	$sku = rand_string(80);
	$quantity = $row['quantity'];
	$customer = $row['customer_id'];
	$cardtype = $row['cardtype'];
	$card_number = $row['card_number'];
	$exp_date = $row['exp_date'];
	
	if(strlen($name) > 0)
	{
		$conn = GetConnection();
		$conn->query("INSERT INTO Order_Details (id,Orders_id,Products_id,name,price,sku,quantity,Customers_id,cardtype,cardnumber,exp_date) 
		VALUES ('','$order_id','$products_id','$name','$price','$sku','$quantity','$customer','$cardtype','$card_number','$exp_date')") or die(mysql_error());
			$conn->close();

	}
	else {
			die("You need to enter a Order Details name.");
	}
}

function DeleteOrderDetail($id){
		$conn = GetConnection();
		$results = $conn->query("Delete FROM Order_Details WHERE id=$id");
		header('Location: http://cs.newpaltz.edu/~N02432643/%20web-course-2012/final/OrderDetails/');
}

function rand_string( $length ) {
	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";	
	$size = strlen( $chars );
	$str = '';
	for( $i = 0; $i < $length; $i++ ) {
		$str .= $chars[ rand( 0, $size - 1 ) ];
	}

	return $str;
}

function GetOrders(){
	$conn = GetConnection();
	return $conn->query('SELECT * FROM Orders');
}

function GetProducts(){
	$conn = GetConnection();
	return $conn->query('SELECT * FROM Products');
}

function GetCustomers(){
	$conn = GetConnection();
	return $conn->query('SELECT * FROM Customers');
}